1 |
On Sun, 2003-09-07 at 22:44, Jan Krueger wrote: |
2 |
> On Sunday 07 September 2003 18:21, Martin Schlemmer wrote: |
3 |
> > On Sun, 2003-09-07 at 22:18, Jan Krueger wrote: |
4 |
> > > On Sunday 07 September 2003 17:57, Martin Schlemmer wrote: |
5 |
> > > > and change '${D}/usr/sbin/foo' to '${D}/sbin/init' ? |
6 |
> > > > (ok, yes, its not going to work as a script if I remember |
7 |
> > > > correctly .. but a simple c wrapper is quick to code). |
8 |
> > > |
9 |
> > > Cool, you just found another security bug in portage! |
10 |
> > > |
11 |
> > > go on :) |
12 |
> > > |
13 |
> > > So, the required feature thats implied with your detection, would be the |
14 |
> > > possibility to protect the already installed packages from modification |
15 |
> > > through installation of another package. |
16 |
> > |
17 |
> > And if this was baselayout that was compromised ? |
18 |
> |
19 |
> Then you either |
20 |
> -should have audited the ebuild and code of baselayout |
21 |
> -hope that the md5sum protection alarmes you |
22 |
> -hope that the signature protection alarmes you (not yet implemented) |
23 |
> -hope that the security-oriented program analysis alarmes you (not yet |
24 |
> implemented) |
25 |
> -hope that the problem hit someone else before you so it got widely published |
26 |
> and you read the news |
27 |
> -hope that the automated test-procedures of gentoo detects the fault (not yet |
28 |
> implemented) |
29 |
> -invent a special baselayout protection |
30 |
> -have a second authorized tree that got not compromised (because operational |
31 |
> independend to the one gentoo tree with a special procedure that aims to |
32 |
> prevent to move of compromised things between the trees) to compare against |
33 |
> before emerge. |
34 |
> -install some other os (with maybe different problems) |
35 |
> -go out for a walk and watch sparrows or so :) |
36 |
> -forbid the emerge of baselayout because you think its better to install |
37 |
> baselayout in a special hardened way instead. |
38 |
> |
39 |
|
40 |
So how are any of these going to help if you do not trust us or any |
41 |
other developers/upstream_authors, encryption, etc, etc. I mean, |
42 |
this *IS* what this whole issue is about, no ? |
43 |
|
44 |
|
45 |
-- |
46 |
|
47 |
Martin Schlemmer |
48 |
Gentoo Linux Developer, Desktop/System Team Developer |
49 |
Cape Town, South Africa |